Furniture Chain’s Rental Computers Sent 185,000 Spyware Emails Containing Customers’ Passwords, Explicit Photos, Financial Information Back to Headquarters

The Atlanta-based national furniture chain Aaron’s offers computers on a rent-to-own basis. Many of the computers contained secretly activated spyware which tracked customers’ locations, took webcam photos inside their homes, and forwarded intimate photos and information back to corporate servers, reports NBC News:

Spyware installed on computers leased from furniture renter Aaron’s Inc. secretly sent 185,000 emails containing sensitive information — including pictures of nude children and people having sex — back to the company’s corporate computers, according to court documents filed Wednesday in a class-action lawsuit.

According to the filings, some of the spyware emails contained pictures secretly taken by the rental computers’ webcams or other sensitive information including Social Security numbers, social media and email passwords, and customer keystrokes, the Federal Trade Commission determined last year.

Aaron’s officials have previously said the company never installed the spyware on computers rented out of 1,140 company-operated stores and blamed individual franchisees for installing it. But the new filings claim Aaron’s nonetheless received the secretly recorded data.

The allegations grew out of a Federal Trade Commission settlement last year [involving] a Casper, Wyo., couple, Brian and Crystal Byrd. The couple’s May 2011 lawsuit claimed the manager of the Casper store showed Brian Byrd a webcam picture of himself operating a rental computer after the manager activated the spyware in the process of trying to repossess the computer, which the manager mistakenly believed the Byrds hadn’t paid off under their rent-to-own agreement. The filings seek court permission to file a new complaint adding 54 franchisees based on the 185,000 emails since traced to Aaron’s computer servers.

On Wednesday, attorneys also filed a new lawsuit on behalf of a customer who claims an Oregon Aaron’s franchise tracked her physical location by having Detective Mode trace her Wi-Fi use of the computer.

, , , , ,

  • alizardx

    Hope the class action lawsuit judgement destroys the company and the careers of all the C-level people. They need to be made an example of.

    • Ittabena

      I think it should be cut and dried. Aaron’s practices usury and preys on the poor with their business practices. They should be closed and all their assets seized, just like when one of their clients misses a payment.

      Of course this would only mean a quick name change and back to business as usual. And those salesman who lost their jobs would just start a new career spamming the Disinfo comments, so what would be accomplished?

      Of course we could try tarring and feahering. It used to work pretty good in the old days.

  • BuzzCoastin

    too bad they’re not Uncle Homeland
    then they’d be in the clear
    spying on Amerikans is OK when Uncle Homeland does it for their security

  • InfvoCuernos

    O holy shit. I always knew that webcam gimmick was a bad idea. I don’t even like having my cell phone sitting out with the camera facing where it can “see anything in my home. Of course somebody is doing this, and you can bet if one company is doing, then the govt. probably has this capability too.

  • InfvoCuernos

    O holy shit. I always knew that webcam gimmick was a bad idea. I don’t even like having my cell phone sitting out with the camera facing where it can “see anything in my home. Of course somebody is doing this, and you can bet if one company is doing, then the govt. probably has this capability too.

    • Ittabena

      Actually, my IT guy in MS was very very good. I asked him about this sort of thing once. Did you know, that their is software the US Gov can load or activate remotely that will broadcast the audio in a room after the cell phone is turned off?

      There had been a story on NPR (aka National Petroleum Radio) that hackers could do this. Since my friend was a hacker I thought I would ask him and find out for certain. As a former WorldCom employee I had my strong suspicions. My buddy told me that he would have to have physical possession of the cell phone for a minute or two to accomplish this, but the Gov. could do it remotely.

      Drowning is the only thing that will cure your cell phone of such errant behavior should it catch this bug.